Encryption for Windows and Mac Computers
Last Updated: November 5, 2024 2:55 pm
OASIS IRB Support
Data Encryption: Protecting Your Research Data
As of the latest Minimum Security Standards (MSS) release, data encryption is required for all tier 2 and tier 3 research data where feasible. Encryption ensures that sensitive data remains secure, even if it is intercepted or accessed by unauthorized users.
Requirements
Any computer, external flash drive, or hard drive that comes into contact with your research data must be encrypted. The specific method for encryption will depend on the operating system of your primary device. Here’s what you need to know:
- Windows 11: Use BitLocker to encrypt your computer and any external drives. BitLocker
- Mac OS: Use FileVault to secure your device and any connected drives. FileVault
Encryption may not be required for local devices if all research data is handled exclusively in a secure, campus-provisioned virtual computing environment like those approved or managed by OASIS. This exception can simplify workflows for researchers while maintaining high data security standards.
What is Encryption?
Encryption is the process of converting data into a code to prevent unauthorized access. Using an algorithm, readable data, or plaintext, is transformed into an unreadable format known as ciphertext. Only those with the correct decryption key can turn the ciphertext back into readable data. Think of it as a complex version of those cereal box word codes you might have solved as a child—only vastly more secure.
How It Works
In plain text, your data could be readable if it falls into the wrong hands. Encryption, however, makes your data virtually unreadable to anyone without the key, adding a strong layer of security. If you’re working with sensitive research, encryption helps ensure that even if someone were to intercept your data, it would be completely indecipherable without the correct key.
Encrypted data can be safely stored on a device or transmitted over a network, with confidence that it will remain secure. For added protection, using UNC’s Virtual Private Network (VPN) whenever you’re off-campus is critical. The VPN provides an encrypted connection between your device and UNC’s network, keeping your data shielded from potential interception.
Why Encryption Matters
Encryption ensures that sensitive information is protected from unauthorized access, even if the data is intercepted or accessed by malicious actors. For researchers, it means that data remains secure whether it’s stored locally, on an external device, or transmitted across networks.